How does the VPN connection work?

The concept of private virtual networks, abbreviated as VPN (from the English Virtual Private Network), appeared in computer technology relatively recently. The creation of this type of connection allowed the computer terminals and mobile devices to be integrated into virtual networks without the usual wires, regardless of the location of the particular terminal. Now consider the question of how the VPN connection works, and at the same time give some recommendations on how to configure such networks and related client programs.

What is VPN?

As it is already clear, VPN is a virtual private network with several devices connected to it. It is not worth it to scamper - you can not connect ten or two simultaneously working computer terminals (as it can be done in "locale") usually does not work. This has its limitations in setting up the network or even simply in the capacity of the router responsible for assigning IP addresses and data transfer.

However, the idea, originally laid out in the connection technology, is not new. She tried to prove it long ago. And many modern users of computer networks do not even imagine what they knew about it all their lives, but they simply did not try to understand the essence of the matter.

How the VPN connection works: basic principles and technologies

For a better understanding, let us cite the simplest example that is known to any modern person. Take at least the radio. After all, in fact, it is a transmitting device (translator), an intermediary aggregate (repeater) responsible for transmitting and distributing the signal, and a receiving device (receiver).

Another thing is that the signal is broadcast absolutely to all consumers, and the virtual network works selectively, combining only certain devices into one network. Note that neither in the first nor in the second case the wires for connecting the transmitting and receiving devices that exchange data with each other are not required.

But here there are some subtleties. The fact is that initially the radio signal was unprotected, that is, it can be received by any radio amateur with a working device at the appropriate frequency. How does VPN work? Yes, exactly the same. Only in this case the router (router or ADSL modem) plays the role of the repeater, and the receiver role is a fixed computer terminal, a laptop or a mobile device that has a special wireless connection module (Wi-Fi) in its equipment.

At the same time, data originating from the source is initially encrypted, and only then using a special decoder are reproduced on a specific device. This principle of VPN communication is called tunneling. And this principle is most consistent with mobile communication, when redirection occurs on a particular subscriber.

Tunneling of local virtual networks

Let's look at how VPN works in tunneling mode. In essence, it involves creating a straight line, say, from point "A" to point "B", when transferring data from a central source (a router with a server connection), the definition of all network devices is made automatically according to a predefined configuration.

In other words, a tunnel with encoding is created when sending data and decoding at reception. It turns out that no other user who tried to intercept this type of data during the transfer process can decode them.

Means of implementation

One of the most powerful tools of this kind of connections and at the same time providing security are Cisco's systems. True, some inexperienced admins have a question about why VPN-Cisco equipment is not working.

This is primarily due to incorrect configuration and installed drivers of routers such as D-Link or ZyXEL, which require fine-tuning only because they are equipped with built-in firewalls.

In addition, you should pay attention to the wiring diagrams. They can be two: route-to-route or remote access. In the first case, it is a question of combining several distributing devices, and the second one is about controlling the connection or data transmission with the help of remote access.

Access protocols

As for the protocols, today we mainly use configuration tools at the PCP / IP level, although the internal protocols for VPN may vary.

Stop working VPN? You should look at some hidden parameters. For example, TCP-based additional PPP and PPTP protocols still apply to TCP / IP protocol stacks, but for connection, say, in the case of using PPTP, you must use two IP addresses instead of one. However, in any case, tunneling involves the transfer of data contained in internal protocols such as IPX or NetBEUI, and all of them are provided with special headers based on PPP for unimpeded transmission of data to the appropriate network driver.

For TCP / IP, it is generally recommended that you choose to automatically obtain the primary address and the preferred DNS server. In this case, the activation of the proxy server must be disabled (and not only for local addresses).

Hardware devices

Now let's look at the situation when the question arises as to why the VPN does not work. The fact that the problem may be due to incorrect configuration of the equipment is understandable. But there may be another situation.

It is worth paying attention to the routers themselves, which monitor the connection. As mentioned above, only devices suitable for connection parameters should be used.

For example, routers like the DI-808HV or DI-804HV are capable of connecting up to forty devices simultaneously. As for ZyXEL equipment, in many cases it can work even through the built-in network operating system ZyNOS, but only with the use of the command line mode via the Telnet protocol. This approach allows you to configure any devices that transfer data to three networks in a shared Ethernet environment with IP traffic, and use the unique Any-IP technology to use a standard router table with redirected traffic as the gateway for systems that were originally configured To work in other subnets.

What should I do if VPN does not work (Windows 10 and below)?

The first and most important condition is the correspondence of output and input keys (Pre-shared Keys). They must be the same at both ends of the tunnel. It is also worthwhile to pay attention to cryptographic encryption algorithms (IKE or Manual) with the presence of the authentication function or without it.

For example, the same protocol AH (in English version - Authentication Header) can provide only authorization without the possibility of using encryption.

VPN clients and their configuration

As for VPN clients, it's not all that simple. Most programs based on such technologies use standard methods of customization. However, there are their pitfalls.

The problem is that no matter how you install the client, when the service is turned off in the "OS" itself, nothing good will come of it. That's why you need to use these settings in Windows, then enable them on the router (router), but only after proceeding to configure the client itself.

In the system itself, you will have to create a new connection, and not use the existing one. We will not dwell on this, since the procedure is standard, but on the router itself you will have to go to the advanced settings (most often they are located in the WLAN Connection Type menu) and activate everything that is connected to the VPN server.

It is worth noting also the fact that the virtual server itself will have to be installed into the system as a companion program. But then it can be used even without manual adjustment, simply selecting the nearest dislocation.

One of the most popular and easiest to use is a VPN client-server called SecurityKISS. The program is installed without a hitch, but then you do not need to even enter the settings to ensure normal communication for all devices connected to the distributor.

It happens that a fairly well-known and popular package Kerio VPN Client does not work. Here you will have to pay attention not only to the settings of the router or the "operating system" itself, but also to the parameters of the client program. As a rule, the introduction of correct parameters allows you to get rid of the problem. As a last resort, you will have to check the settings of the main connection and the TCP / IP protocols used (v4 / v6).

What in the end?

We looked at how the VPN works. In principle, nothing complicated in the connection itself whether the creation of networks of this type is not. The main difficulties are to configure specific equipment and set its parameters, which, unfortunately, many users overlook, relying on the fact that the whole process will be reduced to automatism.

On the other hand, we are now more concerned with the issues related to the operation of the virtual VPNs themselves, so it will be necessary to configure the equipment, install device drivers, etc. using separate instructions and recommendations.